JP2016001352A - Portable terminal device, control method therefor, control program, and medical information management system - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a mobile terminal device capable of, when the mobile terminal device is carried out from a medical institute, preventing leakage of medical information acquired by the mobile terminal device, and a medical information management device, a control method of the mobile terminal device, and a control program thereof.SOLUTION: A mobile terminal device 13 uses a communication state monitoring unit 37 for monitoring a communication state between a wireless communication control unit 28 and a wireless LAN access point 18. A terminal position determination unit 38 determines that the current position of the mobile terminal device 13 is out of a communication area of the wireless LAN access point 18, that is, out of a building of a hospital, when a communication speed between the wireless communication control unit 28 and a wireless LAN access point 18 is below a threshold or its connection state becomes offline. An information hiding unit 41 processes and hides the medical information acquired by the mobile terminal device 13.

Description

  The present invention relates to a mobile terminal device used for browsing medical information, a medical information management system including the mobile terminal device, a control method and a control program for the mobile terminal device.

  Manage medical information such as hospital information systems (HIS), medical image management systems (PACS), and radiology information systems (RIS) in medical institutions such as hospitals Medical information management systems are widespread. These medical information management systems are connected to an in-hospital network provided in a hospital, together with client terminals operated by medical personnel such as doctors. The client terminal can read medical information stored in each system and display it on a monitor by communicating with these medical information management systems.

  With the widespread use of portable terminal devices such as PDAs, smartphones, and tablet terminals, medical institutions that use portable terminal devices as client terminals for hospital networks are increasing. Since the portable terminal device is small and light, it can be carried around in a hospital and used in various places. In addition, by connecting the mobile terminal device to a wireless local area network (LAN) of the hospital network, medical information can be browsed at various locations in the hospital.

  The medical information viewed on the client terminal includes a lot of personal information of the patient such as the patient's name, age, address, and medical condition. Therefore, a client terminal that handles medical information needs to prevent leakage of medical information.

  Patent Document 1 discloses a client terminal including a medical information concealment device that prevents leakage of medical information. The medical information concealment device of Patent Literature 1 is based on medical information acquisition means for acquiring medical information from a medical information management system, operator information acquisition means for acquiring information of an operator of a client terminal, and acquired operator information. A concealed medical information identifying means for identifying the type of medical information to be concealed, and a concealing means for performing concealment processing so that the medical information displayed on the monitor cannot be browsed corresponding to the identified type of medical information. I have.

  For example, when a medical person such as a doctor logs in to the medical information management system in order to view medical information on the client terminal, the operator information acquisition unit specifies that the operator of the client terminal is a medical person Is done. Since the type of medical information to be concealed is not registered in the concealed medical information specifying means when the operator is a medical person, the medical information is not concealed, and the medical person can view the medical information. it can. However, when a person other than a medical person such as a system engineer who manages the medical information management system logs in to the medical information management system, the concealed medical information specifying means includes the name and address of the patient as medical information to be concealed. Since the personal information of the patient is registered, the personal information of the patient is hidden by the concealing means so that it cannot be browsed.

JP 2006-314404 A

  A portable terminal device is small, light and easy to carry, and is used in various places in a hospital, so it may be lost or stolen. Therefore, when the mobile terminal device is taken out of the hospital due to loss or theft, medical information acquired by the mobile terminal device is leaked.

  If the medical information concealment device disclosed in Patent Document 1 is used, leakage of medical information displayed on the mobile terminal device can be prevented even if the mobile terminal device is lost or stolen. Further, if the medical information management system has a user authentication function, it is not possible to log in to the medical information management system from a lost or stolen portable terminal device, and thus leakage of new medical information can be prevented. However, the medical information concealment device and the user authentication function disclosed in Patent Document 1 cannot prevent leakage of medical information already acquired by the mobile terminal device.

  For example, if the mobile terminal device can be remotely operated from the medical information management server, the medical information management server can remotely operate the mobile terminal device to conceal the medical information. However, even if the mobile terminal device can be remotely operated from the medical information management server, the remote operation of the mobile terminal device is limited to the communication range of the wireless LAN of the hospital network, so the mobile terminal device is taken out of the communication range. If this happens, we cannot deal with it.

  The present invention relates to a portable terminal device, a medical information management system, and a portable terminal that can prevent leakage of medical information that is already acquired and stored by the portable terminal device when the portable terminal device is taken out from a medical institution. An object of the present invention is to provide an apparatus control method and a control program.

  In order to solve the above problems, a mobile terminal device of the present invention monitors a communication state of a wireless communication control unit that performs wireless communication with a medical information management server that manages medical information, and a communication state of the wireless communication control unit. A communication status monitoring unit that generates communication status monitoring information, a medical information communication unit that acquires medical information from a medical information management server via a wireless communication control unit, and a medical information acquired by the medical information communication unit An information display control unit to be displayed, a terminal position determination unit that determines whether or not the current position is within the wireless communication range of the medical information management server based on the communication status monitoring information, and the current position is determined by the terminal position determination unit And an information concealment unit that executes a concealment process for medical information acquired from the medical information management server when it is determined that the wireless communication area is out of range.

  The communication state monitoring unit monitors the connection state between the wireless communication control unit and the medical information management server, and the terminal position determination unit determines that the communication state is not within the wireless communication range when the connection state is offline. preferable.

  The communication status monitoring unit monitors the communication speed between the wireless communication control unit and the medical information management server, and the terminal position determination unit determines whether or not the communication range of the medical information management server is within the communication range based on the communication speed. It is preferable to judge. The terminal position determination unit determines that the communication speed is equal to or greater than a predetermined speed set in advance, and determines that the communication speed is within a radio communication range. It is preferable to determine that there is.

  It is preferable that the communication state monitoring unit monitors the radio field intensity of the medical information management server, and the terminal position determination unit determines whether or not the terminal is within the radio communication range of the medical information management server based on the radio field intensity. In addition, the terminal position determination unit determines that the radio communication area is within the radio communication range when the radio field intensity is equal to or higher than the predetermined intensity, and is out of the radio communication area when the communication speed is equal to or less than the predetermined intensity. Is preferably determined.

  An authentication unit that performs an authentication process for reading medical information from the medical information management server is provided, and this authentication unit is used when the determination result of the terminal position determination unit changes from a wireless communication area to a wireless communication area. It is preferable to perform a re-authentication process for reading medical information from the information management server.

  The information concealment unit preferably cancels the concealment process when re-authentication is performed by the medical information management server.

  It is preferable that the information concealing unit performs concealment processing of information related to the patient's personal information among the medical information. The personal information preferably includes at least a patient name.

  The medical information management system of the present invention includes a medical information management server that manages medical information, and a portable terminal device that includes a wireless communication control unit that performs wireless communication with the medical information management server. The mobile terminal device includes a communication state monitoring unit that monitors the communication state of the wireless communication control unit and generates communication state monitoring information, and medical information communication that acquires medical information from the medical information management server via the wireless communication control unit. A terminal that determines whether the medical information management server is within a wireless communication area based on the communication status monitoring information, an information display control unit that displays medical information acquired by the medical information communication unit on a display screen A position determining unit; and an information concealing unit that executes a concealing process for medical information acquired from the medical information management server when the terminal position determining unit determines that the terminal is not in the wireless communication range.

  In addition, the method for controlling the band terminal device according to the present invention includes a step of performing wireless communication with a medical information management server that manages medical information, and monitoring a communication state of a wireless communication control unit, thereby obtaining communication state monitoring information. Based on the communication status monitoring step to be generated, the medical information acquisition step for acquiring medical information from the medical information management server, the display step for displaying the medical information acquired in the medical information acquisition step on the display screen, and the communication status monitoring information The terminal position determining step for determining whether or not the wireless communication range of the medical information management server is within the wireless communication range, and the medical position acquired from the medical information management server when the terminal position determination unit determines that the wireless communication range is not within the wireless communication range. An information concealment step for executing information concealment processing.

  Further, the control program for the band terminal device of the present invention monitors the communication state of the wireless communication control unit that performs wireless communication with the medical information management server that manages medical information, and the communication state monitoring. Via the communication state monitoring unit that generates information, the medical information communication unit that acquires medical information from the medical information management server, and the medical information acquired by the medical information communication unit are displayed on the display screen via the wireless communication control unit. Based on the information display control unit and the communication status monitoring information, the terminal position determination unit that determines whether or not the wireless communication range of the medical information management server is within the wireless communication range is determined by the terminal position determination unit In this case, an information concealment unit that performs concealment processing of medical information acquired from the medical information management server is provided.

  According to the present invention, even when a mobile terminal device is taken out of a medical institution due to loss or theft, the current position of the mobile terminal device is automatically detected so that medical information acquired by the mobile terminal device cannot be read. Can be concealed. Therefore, even when the mobile terminal device is used as a client terminal of the medical information management system, leakage of medical information can be prevented.

  In addition, since the mobile terminal device cannot browse the medical information without authentication of the medical information management server, it is possible to prohibit reading of new medical information by the lost or stolen mobile terminal device. Furthermore, since it has been detected that the mobile terminal device has returned from the outside of the communication range to the communication range and can be re-logged in to the medical information management server, even if the user accidentally takes the mobile terminal device out of the communication range, The medical information can be continuously browsed by logging in, and user convenience is improved.

It is the schematic which shows the structure of a medical information management system. It is a block diagram which shows the electric constitution of a portable terminal device. It is a block diagram which shows the functional structure of the portable terminal device at the time of medical information browsing program starting. It is a table | surface which shows the criterion of terminal position determination. It is explanatory drawing which shows the communication area of a wireless LAN access point. It is a table | surface which shows the communication speed and connection state of the portable terminal device of FIG. It is explanatory drawing which shows the display state of the medical information of a portable terminal device. It is explanatory drawing which shows the structure of a medical information file. It is explanatory drawing which shows the display state of the medical information by which the portable terminal device was concealed. It is a flowchart which shows the browsing procedure of the medical information of 1st Embodiment. It is explanatory drawing which shows the screen of the portable terminal device at the time of a re-login process. It is explanatory drawing which shows the screen of the portable terminal device which used the shading process for the concealment process. It is a table | surface which shows the field intensity and connection state of the portable terminal device of 2nd Embodiment. It is a table | surface which shows the criterion of terminal position determination of 2nd Embodiment. It is a flowchart which shows the browsing procedure of the medical information of 2nd Embodiment.

[First Embodiment]
As shown in FIG. 1, a medical information management system 10 of the present invention includes a medical information management server 11 that manages medical information, and a plurality of client terminals 12 for reading and browsing medical information from the medical information management server 11. , And a plurality of mobile terminal devices 13, a medical information management server 11, a client terminal 12, and a hospital network 14 that connects the mobile terminal devices 13 so as to communicate with each other. The medical information management system 10 is built in a medical institution such as a hospital or clinic.

  The in-hospital network 14 includes a wired LAN 16 and a wireless LAN 17 connected to the wired LAN 16. A medical information management server 11 and a stationary client terminal 12 are connected to the wired LAN 16 by a LAN cable (not shown). The wireless LAN 17 is constructed by a wireless LAN access point 18 connected to the wired LAN 16. The mobile terminal device 13 is wirelessly connected to the wireless LAN 17. Although only one wireless LAN access point 18 is depicted in FIG. 1, a plurality of wireless LAN access points 18 are installed so as to cover communication within a predetermined area in the building of a medical institution. .

  The medical information management server 11 is a HIS server, for example, and manages various types of medical information such as patient information, medical information, and accounting information for each patient. The patient information represents personal information of each patient, and includes, for example, patient name, patient ID, address, date of birth, age, sex, and the like. The medical information is information related to the medical treatment of the patient, and includes, for example, a medical treatment date, a medical department, a name of a wound, a diagnosis result, a treatment period, a kind and amount of medication, a prescription pharmacy name, and the like. Further, the accounting information includes, for example, examination costs, medication costs, examination costs, and information indicating whether insurance is applied. Various types of medical information are stored in a medical information database 20 connected to the medical information management server 11.

  A user information database 22 is connected to the medical information management server 11 together with the medical information database 20. The user information database 22 stores information about users who log in to the medical information management server 11 using the client terminal 12 and the mobile terminal device 13. The user in the present embodiment is a medical staff such as a doctor or a nurse who works at a medical institution. The user information is, for example, user attribute information, a login user ID and password, and the like. The attribute information includes the name of the user, the role of a doctor or nurse, the affiliation, and the like.

  The medical information management server 11 performs an authentication process as to whether or not to permit reading of medical information when the client terminal 12 or the mobile terminal device 13 logs in to read medical information. This authentication process is performed by comparing the user ID and password transmitted from the client terminal 12 and the like with the user ID and password stored in the user information database 22. The medical information management server 11 authenticates the client terminal 12 and the like if there is a user ID and password that match those transmitted to the user information database 22. On the other hand, if there is no user ID and password that match those transmitted to the user information database 22, the client terminal 12 or the like is not authenticated.

  Further, the medical information management server 11 searches for medical information from the medical information database 20 in response to a medical information request from the client terminal 12 or the portable terminal device 13, and transmits the medical information to the client terminal 12 or the portable terminal device 13. To do. The medical information management server 11 receives the medical information transmitted from the client terminal 12 or the portable terminal device 13 when the medical information is input from the client terminal 12 or the portable terminal device 13, and receives the medical information database. 20 stored.

  The client terminal 12 is, for example, a desktop or notebook personal computer in which a program for browsing medical information is installed. The client terminal 12 is provided with a monitor 12a and an input device 12b composed of a mouse and a keyboard. For example, a plurality of client terminals 12 are installed for each clinic or each department and are operated by a doctor or a nurse. The client terminal 12 reads the medical information from the medical information management server 11 and displays the medical information on the monitor 12a. The client terminal 12 accepts input of medical information from the input device 12b. The medical information input to the client terminal 12 is transmitted to the medical information management server 11 and stored in the medical information database 20 by the medical information management server 11.

  The mobile terminal device 13 is, for example, a PDA, a smart phone, or a tablet terminal in which a program for browsing medical information is installed. The mobile terminal device 13 is provided with a touch panel 24 used for displaying medical information, operating the mobile terminal device 13 and inputting medical information. For example, a plurality of mobile terminal devices 13 are provided for each clinic or each department. In addition, one mobile terminal device 13 may be provided for each doctor or nurse. The mobile terminal device 13 reads the medical information from the medical information management server 11 and displays the medical information on the touch panel 24. The mobile terminal device 13 accepts input of medical information from the touch panel 24. The medical information input to the mobile terminal device 13 is transmitted to the medical information management server 11 and stored in the medical information database 20 by the medical information management server 11.

  As shown in FIG. 2, the mobile terminal device 13 includes a touch panel 24, a system memory 26, a CPU 27, a wireless communication control unit 28, an antenna 29, a power supply control unit 30, a battery 31, and a storage memory 32. These are connected to each other via a data bus 33.

  The system memory 26 stores various programs such as a control program for controlling the mobile terminal device 13, application programs, and various data. The system memory 26 temporarily stores various data generated in the control process. As the system memory 26, a nonvolatile memory such as a flash memory is used so that each data is not lost even when the power of the mobile terminal device 13 is turned off. The CPU 27 reads out various programs from the system memory 26 and sequentially processes them to control each part of the mobile terminal device 13 in an integrated manner. The wireless communication control unit 28 and the antenna 29 perform wireless communication with the wireless LAN access point 18. The power supply control unit 30 supplies the power of the battery 31 to each unit. The storage memory 32 stores data created by the mobile terminal device 13.

  When the control program is activated by the CPU 27, the mobile terminal device 13 displays an initial screen on the touch panel 24. The user operates an icon or the like displayed on the initial screen on the touch panel 24 to start a target program or display various information on the touch panel 24.

  The application program stored in the system memory 26 includes a medical information browsing program for browsing medical information in the medical information management system. When the medical information browsing program is activated on the portable terminal device 13, the CPU 27 displays the browser 35, the authentication unit 36, the communication state monitoring unit 37, the terminal position determination unit 38, the medical information communication unit 39, and the information display control unit 40 shown in FIG. The information hiding unit 41 functions.

  The browser 35 is a well-known web browser for connecting to the Internet. The medical information browsing program of this embodiment is a web application that runs on the browser 35. Therefore, when the medical information browsing program is activated, the browser 35 is also activated.

  The authentication unit 36 performs authentication processing to the medical information management server 11 when the mobile terminal device 13 reads medical information from the medical information management server 11. In this authentication process, the authentication unit 36 displays a screen prompting the user to input a login user ID and password on the touch panel 24. When the user ID and password are input by the user, the authentication unit 36 transmits the user ID and password to the medical information management server 11 together with a login notification. In the medical information management server 11, as described above, authentication processing is performed using the user ID and password. When the medical information management server 11 authenticates the mobile terminal device 13, authentication information indicating that the mobile terminal device 13 has been authenticated is transmitted from the medical information management server 11 to the mobile terminal device 13. The authentication information is stored in the authentication unit 36.

  The authentication information stored in the authentication unit 36 is used when a medical information request for medical information is transmitted from the mobile terminal device 13 to the medical information management server 11 and when a medical information input via the touch panel 24 is transmitted. And transmitted with medical information. Based on the authentication information, the medical information management server 11 confirms that it is a medical information request or medical information from the authenticated portable terminal device 13.

  Further, the authentication unit 36 deletes the authentication information when the mobile terminal device 13 goes out of the communication area of the wireless LAN access point 18. As a result, the mobile terminal device 13 cannot read the medical information from the medical information management server 11, so that further reading of the medical information from the medical information management server 11 and leakage thereof can be prevented. When the mobile terminal device 13 returns from the outside of the communication area of the wireless LAN access point 18 to the communication area, the medical information management server 11 is re-authenticated. Since this re-authentication process is the same process as the authentication process described above, a detailed description thereof will be omitted.

  The communication status monitoring unit 37 and the terminal position determination unit 38 determine whether or not the current position of the mobile terminal device 13 is within the communication range of the wireless LAN access point 18, that is, whether the mobile terminal device 13 is in a medical institution building. Detect whether or not. This is because it is detected that the portable terminal device 13 has been taken out of the medical institution due to loss or theft, and medical information is prevented from leaking.

  The communication state monitoring unit 37 monitors the communication state between the wireless communication control unit 28 and the wireless LAN access point 18, that is, the communication state between the wireless communication control unit 28 and the medical information management server 11. The communication state monitoring unit 37 measures the communication speed between the wireless communication control unit 28 and the wireless LAN access point 18 at a predetermined time interval, for example, and between the wireless communication control unit 28 and the wireless LAN access point 18. Check the connection status. In the measurement of the communication speed, for example, the number of communication bits (bps) per second is measured. The connection state is confirmed by checking whether or not the wireless communication control unit 28 and the wireless LAN access point 18 are connected, that is, whether the wireless communication control unit 28 is online or offline. The communication state monitoring unit 37 outputs the measured communication speed and the confirmed connection state to the terminal position determination unit 38 as communication state monitoring information. The output of the communication status monitoring information is performed at the same interval as the measurement of the communication speed and the confirmation of the connection status, for example.

  When the communication state monitoring information is transmitted from the communication state monitoring unit 37, the terminal position determination unit 38 determines that the current position of the mobile terminal device 13 is within the communication range of the wireless LAN access point 18 based on the communication state monitoring information. It is determined whether or not. Specifically, as shown in Table 43 of FIG. 4, when the communication speed of the communication status monitoring information is faster than a preset threshold value and the connection status is online, the mobile terminal device 13 accesses the wireless LAN. The point 18 is determined to be within the communication range. When the communication speed of the communication status monitoring information is slower than the threshold, it is determined that the communication status is out of the communication range even if the connection status is online. Furthermore, it is determined that the mobile terminal device 13 is out of the communication range of the wireless LAN access point 18 even when the connection state of the communication state monitoring information is offline. Note that the current position of the mobile terminal device 13 is determined by combining the communication speed and the connection state even when there is a difference in the size of the building of the medical institution and the communication area. This is because the current position can be determined.

  The threshold of the communication speed used for determining the current position of the mobile terminal device 13 by the terminal position determination unit 38 is set, for example, by actually measuring the communication speed when the mobile terminal device 13 is taken out of a building of a medical institution. It is preferable to do this.

  The communication state between the wireless LAN access point 18 and the wireless communication control unit 28 is affected by the radio wave intensity of the radio wave of the wireless LAN access point 18 received by the wireless communication control unit 28, and the communication speed increases as the radio wave intensity increases. Get faster. In addition, the radio wave intensity of the wireless LAN access point 18 is attenuated and becomes weaker as the distance from the wireless LAN access point 18 increases. Therefore, when the distance between the wireless communication control unit 28 and the wireless LAN access point 18 is close and the radio wave intensity is strong, the communication speed is increased. On the other hand, when the distance between the wireless communication control unit 28 and the wireless LAN access point 18 is long and the radio wave intensity is weak, the communication speed is slow and may go offline.

  As shown in FIG. 5, the wireless LAN access point 18 installed in a medical institution forms a communication area 46 of a predetermined range within a building 45 of the medical institution. In FIG. 5, the inside of the communication area 46 is a communication area 46 a that can communicate with the wireless LAN access point 18, and the outside of the communication area 46 is an outside communication area 46 b that cannot communicate with the wireless LAN access point 18. For example, the portable terminal device 13 located in the communication area 46a of the wireless LAN access point 18 is the terminal ID001, the portable terminal device 13 located on the boundary of the communication area 46 is the terminal ID002, and the portable terminal device 13 located outside the building 45 of the medical institution. The terminal device 13 is set to terminal ID003. In addition, the threshold of the communication speed used for determining the current position of the mobile terminal device 13 is, for example, 10 Mbps. A table 48 in FIG. 6 shows the communication speed and connection state of each mobile terminal device 13 measured by the communication state monitoring unit 37.

  As shown in Table 48 of FIG. 6, the communication speed of the mobile terminal device 13 with the terminal ID 001 is 120 Mbps, and the connection state is online. When this communication speed and connection state are applied to Table 43 in FIG. 4, the communication speed (120 Mbps)> threshold value (10 Mbps) and the online state is established. Therefore, the terminal position determination unit 38 determines that the current position of the mobile terminal device 13 with the terminal ID 001 is within the communication area 46 a of the wireless LAN access point 18.

  Further, as shown in Table 48 of FIG. 6, the mobile terminal device 13 with the terminal ID 002 is online, but the communication speed is reduced to 5 Mbps. When this communication speed and connection state are applied to Table 43 in FIG. 4, the communication speed (5 Mbps) <threshold value (10 Mbps) and the online state are established. Therefore, the terminal position determination unit 38 determines that the current position of the mobile terminal device 13 with the terminal ID 002 is outside the communication range 46 b of the wireless LAN access point 18.

  Furthermore, as shown in Table 48 of FIG. 6, the connection state of the mobile terminal device 13 with the terminal ID 003 is offline. in this case. Based on the table 43 in FIG. 4, the terminal position determination unit 38 determines that the current position of the mobile terminal device 13 with the terminal ID 003 is outside the communication range 46 b of the wireless LAN access point 18. Thus, based on the communication speed or connection state between the wireless communication control unit 28 and the wireless LAN access point 18, whether or not the current position of the mobile terminal device 13 is within the communication area 46 a of the wireless LAN access point 18. Can be determined.

  In FIG. 5, the communication area 46 of the wireless LAN access point 18 is depicted as a circle centered on the wireless LAN access point 18, but the structure of the medical institution building 45 (wooden, reinforced concrete, etc.), examination room The shape of the communication area 46 changes due to the floor plan or the like. However, even if the shape of the communication area 46 is not circular, the communication speed and connection state change according to the distance between the wireless communication control unit 28 and the wireless LAN access point 18, so the communication speed and connection Based on the state, it can be determined whether or not the current position of the mobile terminal device 13 is within the communication range.

  The communication state monitoring unit 37 continues monitoring the communication state even after the mobile terminal device 13 goes out of the communication area 46 b of the wireless LAN access point 18 and outputs the communication state monitoring information to the terminal position determination unit 38. The terminal position determination unit 38 determines the current position of the mobile terminal device 13 when receiving the communication state monitoring information from the communication state monitoring unit 37. Therefore, the terminal position determination unit 38 can also detect that the mobile terminal device 13 once goes out of the communication area 46b of the wireless LAN access point 18 and returns to the communication area 46a.

  The medical information communication unit 39 communicates medical information with the medical information management server 11. When an operation for reading medical information is performed on the browser 35, the medical information communication unit 39 requests the medical information management server 11 to read the medical information, and the authentication information read from the authentication unit 36. Is transmitted via the wireless communication control unit 28. The medical information request includes the type of medical information designated by the user, for example, request information such as patient information and medical information of a specific patient. Further, the medical information communication unit 39 receives the medical information transmitted from the medical information management server 11 via the wireless communication control unit 28. When the medical information is input through the touch panel 24, the medical information communication unit 39 transmits the input medical information and authentication information to the medical information management server 11 via the wireless communication control unit 28.

  The information display control unit 40 displays the medical information acquired by the medical information communication unit 39 on the touch panel 24 using the browser 35. As shown in FIG. 7, the information display control unit 40 displays a medical information display screen 50 in the browser screen 49 of the browser 35 displayed on the touch panel 24 of the mobile terminal device 13. In the upper part of the medical information display screen 50, a patient information display tab T1, a medical treatment information display tab T2, and an accounting information display tab T3 are arranged. These tabs T <b> 1 to T <b> 3 are used to switch medical information displayed on the medical information display screen 50. When the patient information display tab T1 is selected, patient information is displayed on the medical information display screen 50, and when the medical information display tab T2 is selected, the medical information of the patient is displayed on the medical information display screen 50. The Similarly, when the transaction information display tab T3 is selected, the patient's transaction information is displayed on the medical information display screen 50. FIG. 7 shows a state in which the patient information display tab T1 is selected and the patient information is displayed on the medical information display screen 50.

  The patient information displayed on the medical information display screen 50 is composed of an information item name 52 and an information box 53 in which the contents of the information are displayed. The patient information item name 52 includes patient ID (ID) F01, patient name F02, Kana name F03, gender F04, date of birth F05, postal code F06, address F07, telephone number F08, request department F09, ward F10 and The doctor in charge F11 or the like. The requested department F09 is a medical department in which patients such as internal medicine and surgery are receiving medical care. In the ward F10, in the case of an inpatient, the names of wards such as a medical ward and a surgical ward are displayed in the information box 53, and in the case of an outpatient, “outpatient” is displayed in the information box 53.

  Input of medical information on the medical information display screen 50 can be performed, for example, by touching an information box 53 of an item name 52 for which medical information is to be input on the touch panel 24. Specifically, when the information box 53 is touched with the touch panel 24, an information input window (not shown) is displayed on the medical information display screen 50. In the information input window, for example, an input box for inputting medical information, a registration button, and a cancel button are displayed. When inputting medical information, enter the medical information in the input box and operate the registration button. When the registration button is operated, the information input window disappears, and the newly input medical information is displayed in the information box 53 of the medical information display screen 50. The input medical information is transmitted from the mobile terminal device 13 to the medical information management server 11.

  A save button 54 for saving the medical information displayed on the medical information display screen 50 in the mobile terminal device 13 is provided at the bottom of the medical information display screen 50. When the save button 54 is operated, the information table time control unit 40 converts the medical information displayed on the medical information display screen 50 into, for example, an HTML format medical information file holding the display format in the storage memory 32. To remember. Since this medical information file is in the HTML format, it can be opened and browsed on the browser 35, for example.

  As shown in FIG. 8, the medical information file 55 includes an HTML format medical information data 56 and a personal information added by the information time control unit 40 when the medical information data 56 includes personal information such as a patient's name. And an information flag 57. The personal information flag 57 is used for determining whether or not to conceal the personal information of the medical information data 56.

  When medical information or accounting information is displayed on the medical information display screen 50, the item name and information box of each medical information are displayed as in the case of the patient information described above, and the medical information is input by the same method. Will not be described in detail.

  The information concealment unit 41 is displayed on the medical information display screen 50 when the terminal position determination unit 38 determines that the current position of the mobile terminal device 13 is outside the communication range 46b of the wireless LAN access point 18. A concealment process for concealing at least personal information from information is performed. Since the mobile terminal device 13 is used in various places within the medical institution, the mobile terminal device 13 is lost outside the medical institution with the patient information displayed, or stolen and taken out of the medical institution. This is because there is a risk of leakage of the patient's personal information.

  As illustrated in FIG. 9, when the terminal location determination unit 38 determines that the current location of the mobile terminal device 13 is outside the communication range 46b of the wireless LAN access point 18, the information hiding unit 41, for example, the patient name F02 The contents displayed in the information box 53 of Kana name F03, date of birth F05, postal code F06, address F07, and telephone number F08 are concealed. In this concealment process, for example, all characters in the information box 53 are replaced with symbols such as “*”. Even when medical information and accounting information are displayed on the medical information display screen 50, the patient's personal information is concealed as in the case of patient information. As a result, even when the mobile terminal device 13 is taken out of a medical institution due to theft or the like while medical information is displayed on the mobile terminal device 13, the mobile terminal device 13 goes out of the communication area 46 b of the wireless LAN access point 18. Since the patient's personal information is concealed, the personal information can be protected.

  The operation of the above configuration will be described with reference to the flowchart shown in FIG. When a user such as a doctor or nurse browses medical information using the mobile terminal device 13, the user confirms that the mobile terminal device 13 is connected to the hospital network 14, and then the mobile terminal device 13. Thus, an operation for logging in to the medical information management server 11 is performed (S10). When the login operation by the user is performed, the authentication unit 36 illustrated in FIG. 3 displays a screen prompting the user to input a login user ID and password on the touch panel 24. When the user ID and password are input by the user, the authentication unit 36 transmits the user ID and password to the medical information management server 11 together with a login notification.

  The medical information management server 11 compares the user ID and password transmitted from the mobile terminal device 13 with the user ID and password stored in the user information database 22. The medical information management server 11 authenticates the mobile terminal device 13 and transmits authentication information to the mobile terminal device 13 when the user information database 22 has a user ID and password that match the transmitted one. . On the other hand, if the user information database 22 does not have a user ID and password that match those transmitted to the user information database 22, the mobile terminal device 13 is not authenticated, and unauthenticated information is stored in the mobile terminal device 13. Send.

  When the authentication information is transmitted from the medical information management server 11, the authentication unit 36 of the portable terminal device 13 stores the authentication information (S11). Further, when non-authentication information is transmitted from the medical information management server 11, the authentication unit 36 displays a screen for inputting a login user ID and password on the touch panel 24 and prompts re-login.

  After completing the login to the medical information management server 11, the communication state monitoring unit 37 starts monitoring the communication state between the wireless communication control unit 28 and the wireless LAN access point 18 (S3). The communication state monitoring unit 37 measures the communication speed between the wireless communication control unit 28 and the wireless LAN access point 18 at a predetermined time interval, and connects between the wireless communication control unit 28 and the wireless LAN access point 18. Check the status. The communication state monitoring unit 37 outputs the measured communication speed and the confirmed connection state to the terminal position determination unit 38 as communication state monitoring information.

  The medical information communication unit 39 acquires medical information from the medical information management server 11 when an operation for reading medical information is performed on the browser 35 (S4). The acquisition of medical information by the medical information communication unit 39 transmits a medical information request and authentication information via the wireless communication control unit 28. In response to the medical information request received from the mobile terminal device 13, the medical information management server 11 searches for medical information from the medical information database 20 and transmits the medical information to the mobile terminal device 13. The medical information communication unit 39 receives the medical information transmitted from the medical information management server 11 via the wireless communication control unit 28.

  The information display control unit 40 displays the medical information acquired by the medical information communication unit 39 on the touch panel 24 using the browser 35 (S5). As shown in FIG. 7, the information display control unit 40 displays a medical information display screen 50 in the browser screen 49 of the browser 35 displayed on the touch panel 24 of the mobile terminal device 13. In addition, the information display control unit 40 displays patient information, medical information, or accounting information on the medical information display screen 50 in accordance with operations on the tabs T1 to T3 on the medical information display screen 50. FIG. 7 shows a state in which the patient information display tab T1 is selected and the patient information is displayed on the medical information display screen 50. The user performs a medical examination while referring to the medical information displayed on the touch panel 24, or presents the medical information displayed on the touch panel 24 to the patient to explain the medical treatment.

  When the communication state monitoring information is transmitted from the communication state monitoring unit 37, the terminal position determination unit 38 determines that the current position of the mobile terminal device 13 is based on the communication speed and connection state of the communication state monitoring information. It is determined whether or not the communication range 46a of the access point 18 is present (S6).

  As shown in FIG. 5, when the current position of the mobile terminal device 13 is the position of the terminal ID 001, for example, the communication speed of the mobile terminal device 13 with the terminal ID 001 is 120 Mbps as shown in Table 48 of FIG. Yes, the connection status is online. In this case, the terminal position determination unit 38 determines that the current position of the mobile terminal device 13 with the terminal ID 001 is within the communication area 46a of the wireless LAN access point 18, as shown in Table 43 of FIG.

  Also, as shown in FIG. 5, when the current position of the mobile terminal device 13 is, for example, the position of the terminal ID002, the mobile terminal device 13 with the terminal ID002 is connected as shown in Table 48 of FIG. Is online, but the communication speed is as low as 5 Mbps. In this case, the terminal position determination unit 38 determines that the current position of the mobile terminal device 13 with the terminal ID 002 is outside the communication range 46b of the wireless LAN access point 18, as shown in Table 43 of FIG.

  Furthermore, as shown in FIG. 5, when the current position of the mobile terminal device 13 is, for example, the position of the terminal ID 003, as shown in Table 48 of FIG. Go offline. In this case, the terminal position determination unit 38 determines that the current position of the mobile terminal device 13 with the terminal ID 002 is outside the communication range 46b of the wireless LAN access point 18, as shown in Table 43 of FIG.

  When the terminal position determination unit 38 determines that the current position of the mobile terminal device 13 is outside the communication range 46b of the wireless LAN access point 18 (YES in S6), the information hiding unit 41 displays the medical information display screen 50. A concealment process is performed to conceal at least personal information from the displayed patient information (S7). As shown in FIG. 9, the information concealment unit 41 converts the characters in the information box 53 of the patient name F02, the Kana name F03, the date of birth F05, the postal code F06, the address F07, and the telephone number F08 to symbols such as “*”. Replace all with. As a result, even when the mobile terminal device 13 is taken out of a medical institution due to theft or the like while medical information is displayed on the mobile terminal device 13, the mobile terminal device 13 goes out of the communication area 46 b of the wireless LAN access point 18. Since the patient's personal information is concealed, the personal information can be protected.

  The information concealment unit 41 also conceals personal information even when the medical information file 55 stored in the storage memory 32 is opened when the mobile terminal device 13 is outside the communication range 46b of the wireless LAN access point 18. I do. Thereby, not only the personal information currently displayed on the mobile terminal device 13 but also the personal information already obtained by the mobile terminal device 13 can be concealed.

  When the terminal position determination unit 38 determines that the current position of the mobile terminal device 13 is outside the communication range 46b of the wireless LAN access point 18 (YES in S6), the authentication unit 36 deletes the authentication information (S8). ). Thereby, since reading of new medical information from the medical information management server 11 by the portable terminal device 13 is prohibited, leakage of new medical information can be prevented.

  The communication state monitoring unit 37 continues monitoring the communication state even after the mobile terminal device 13 goes out of the communication area 46 b of the wireless LAN access point 18 and outputs the communication state monitoring information to the terminal position determination unit 38. When receiving the communication state monitoring information from the communication state monitoring unit 37, the terminal position determination unit 38 determines the current position of the mobile terminal device 13 (S9). The medical information concealment process by the information concealment unit 41 is continued while the mobile terminal device 13 is outside the communication area 46b of the wireless LAN access point 18 (NO in S9), so that the medical information is not leaked.

  The terminal position determination unit 38 determines that the current position of the mobile terminal device 13 is within the communication area 46a of the wireless LAN access point 18 when the communication speed of the communication state monitoring information exceeds a threshold value or when the connection state changes to online. (YES in S9).

  When the terminal position determination unit 38 determines that the mobile terminal device 13 has returned from the outside communication range 46b of the wireless LAN access point 18 to the communication range 46a, the authentication unit 36 performs re-login processing (S10). In this re-login process, as shown in FIG. 11, a login window 60 for inputting a login user ID and password is displayed on the medical information display screen 50. When the user ID and password are input to the login window 60, the authentication unit 36 transmits the user ID and password together with the login notification to the medical information management server 11. In the medical information management server 11, authentication processing similar to that at the time of the new login described above is performed, and authentication information or non-authentication information is transmitted from the medical information management server 11 to the mobile terminal device 13.

  When the authentication information is transmitted from the medical information management server 11 to the mobile terminal device 13 and re-login is confirmed (YES in S11), the information hiding unit 41 cancels the hiding process of the medical information display screen 50 ( S12). As a result, the patient's personal information is displayed again on the medical information display screen 50 as shown in FIG. In addition, since the authentication information is stored in the authentication unit 36 by re-login, the user can continue browsing the medical information. For example, when the user accidentally takes the mobile terminal device 13 out of the communication range 46b of the wireless LAN access point 18, the medical information can be continuously browsed by re-login, so that the convenience for the user is improved.

  If the mobile terminal device 13 cannot re-login to the medical information management server 11 (NO in S11), the medical information concealment process and the prohibition of reading medical information from the medical information management server 11 are continued. The Accordingly, since the person who has stolen the portable terminal device 13 cannot log in again with an appropriate user ID or password, leakage of medical information can be prevented.

  As described above, when the mobile terminal device 13 is taken out of the communication range 46 a of the wireless LAN access point 18 to the outside of the communication range 46 b, the mobile terminal device 13 communicates with the wireless LAN access point 18. It is possible to automatically detect the out-of-service area 46b and perform a concealment process so that medical information already acquired by the mobile terminal device 13 cannot be browsed. Therefore, even when the portable terminal device 13 that is small and light and excellent in portability is used as a client terminal of the medical information management system 10, it is possible to prevent leakage of medical information due to loss or theft of the portable terminal device 13. .

  Further, when the mobile terminal device 13 is taken out of the communication range 46 a of the wireless LAN access point 18 to the outside of the communication range 46 b, the mobile terminal device 13 cannot read new medical information from the medical information management server 11. Therefore, leakage of new medical information can be prevented.

  Furthermore, the mobile terminal device 13 may detect that the mobile terminal device 13 has once returned to the communication area 46a after exiting the communication area 46b of the wireless LAN access point 18, and may log in to the medical information management server 11 again. it can. Therefore, even when the user accidentally takes the portable terminal device 13 out of the communication range 46b of the wireless LAN access point 18, the medical information can be continuously browsed by re-login, so that convenience for the user is improved.

  In the above embodiment, the process of replacing the medical information with a specific symbol has been described as the concealment process. However, the target is visually recognized by performing the shading process or the blurring process as in the medical information display screen 65 shown in FIG. It may be disabled. The medical information to be concealed is not limited to the patient's personal information, and all medical information may be concealed.

[Second Embodiment]
In the first embodiment, the communication speed and connection state between the wireless communication control unit 28 and the wireless LAN access point 18 are used to determine the current position of the mobile terminal device 13. Is used. In addition, description is abbreviate | omitted about a common part with 1st Embodiment, and it demonstrates centering around difference.

  As described in the first embodiment, the radio field intensity of the wireless LAN access point 18 is attenuated and becomes weaker as the distance from the wireless LAN access point 18 increases. Therefore, the communication area of the wireless LAN access point 18 is specified from the radio field intensity. be able to. Since mobile terminal devices such as PDAs, smartphones, and tablet terminals are generally equipped with a function that expresses radio wave intensity by the number of antennas and the like as a standard feature, the mobile terminal device 13 can perform wireless LAN access. It is easy to measure the radio wave intensity at the point 18.

  In this case, as shown in Table 70 of FIG. 13, the communication state monitoring unit 37 measures the radio wave intensity and connection state of the wireless LAN access point 18. The radio wave intensity can be measured, for example, as a “dBm” value in which radio waves are expressed in units of power, and measurement values such as “−50 dBm” and “−120 dBm” can be obtained. Note that the dBm value has a higher radio wave intensity as the value is larger, and has a lower radio wave strength as the value is smaller. Therefore, the radio wave intensity of “−50 dBm” is higher than “−120 dBm”.

  As shown in Table 72 of FIG. 14 and S6a and S9a of FIG. 15, the terminal position determination unit 38 compares the radio field intensity of the wireless LAN access point 18 with a threshold value, and the current position of the mobile terminal device 13 is determined to be wireless. It is determined whether or not the LAN access point 18 is within the communication range.

  Also in the present embodiment, when the mobile terminal device 13 is taken out of the communication range 46a of the wireless LAN access point 18 to the outside of the communication range 46b due to loss or theft, the current position of the mobile terminal device 13 is Since it is possible to automatically detect that the wireless LAN access point 18 is out of the communication range 46b, medical information can be concealed in the same manner as in the first embodiment to prevent information leakage.

  In the first embodiment, the current position of the mobile terminal device 13 is determined based on the communication speed and the connection state. In the second embodiment, the current position of the mobile terminal device 13 is determined based on the radio wave intensity and the connection state. You may determine the present position of the portable terminal device 13 only by any one of intensity | strength. According to this, since the determination process is simplified, the processing load on the mobile terminal device 13 can be reduced.

DESCRIPTION OF SYMBOLS 10 Medical information management system 11 Medical information management server 12 Client terminal 13 Portable terminal device 14 Hospital network 18 Wireless LAN access point 28 Wireless communication control part 37 Communication state monitoring part 38 Terminal position determination part 39 Medical information communication part 40 Information display control part 41 Information concealment unit 46 Communication area 50 Medical information display screen

Claims (13)

A wireless communication control unit that performs wireless communication with a medical information management server that manages medical information;
A communication state monitoring unit that monitors a communication state of the wireless communication control unit and generates communication state monitoring information;
A medical information communication unit for acquiring medical information from the medical information management server via the wireless communication control unit;
An information display control unit for displaying the medical information acquired by the medical information communication unit on a display screen;
A terminal position determination unit that determines whether the current position is within the wireless communication range of the medical information management server based on the communication state monitoring information;
An information concealment unit that executes concealment processing of the medical information acquired from the medical information management server when the terminal position determination unit determines that the current position is out of the wireless communication range;
A portable terminal device comprising:   The communication state monitoring unit monitors a connection state between the wireless communication control unit and the medical information management server, and the terminal position determination unit is within the wireless communication range when the connection state is offline. The mobile terminal device according to claim 1, wherein the mobile terminal device is determined not to exist.   The communication state monitoring unit monitors a communication speed between the wireless communication control unit and the medical information management server, and the terminal position determination unit is within a communication range of the medical information management server based on the communication speed. The mobile terminal device according to claim 1, wherein it is determined whether or not the mobile terminal device is present.   The terminal position determination unit determines that the communication speed is within the wireless communication area when the communication speed is equal to or higher than a predetermined speed set in advance, and when the communication speed is equal to or lower than a predetermined speed set in advance, The mobile terminal device according to claim 3, wherein the mobile terminal device is determined to be out of a communication range.   The communication state monitoring unit monitors the radio field intensity of the medical information management server, and the terminal position determination unit determines whether the medical information management server is within a radio communication area based on the radio field intensity. The mobile terminal device according to claim 1, wherein the mobile terminal device is a mobile terminal device.   The terminal position determination unit determines that the wireless communication area is within the wireless communication range when the radio field strength is equal to or higher than a predetermined strength, and the wireless communication is performed when the communication speed is equal to or lower than a predetermined strength. The mobile terminal device according to claim 5, wherein the mobile terminal device is determined to be out of service area.   An authentication unit that performs an authentication process for reading medical information from the medical information management server, and the authentication unit has changed the determination result of the terminal position determination unit from outside the wireless communication area to the wireless communication area; In such a case, a re-authentication process for reading medical information from the medical information management server is performed.   The mobile terminal device according to claim 7, wherein the information concealment unit cancels the concealment process when re-authentication is performed from the medical information management server by the re-authentication process.   The mobile terminal device according to claim 1, wherein the information concealing unit performs a concealing process on information related to personal information of a patient among the medical information.   The mobile terminal device according to claim 9, wherein the personal information includes at least a patient name. In a medical information management system comprising: a medical information management server that manages medical information; and a portable terminal device that includes a wireless communication control unit that performs wireless communication with the medical information management server.
The portable terminal device
A communication state monitoring unit that monitors a communication state of the wireless communication control unit and generates communication state monitoring information;
A medical information communication unit for acquiring medical information from the medical information management server via the wireless communication control unit;
An information display control unit for displaying the medical information acquired by the medical information communication unit on a display screen;
A terminal position determination unit that determines whether the medical information management server is within a wireless communication area based on the communication state monitoring information;
An information concealment unit that executes concealment processing of the medical information acquired from the medical information management server when the terminal position determination unit determines that the terminal is not within the wireless communication range;
A medical information management system comprising: Performing wireless communication with a medical information management server that manages medical information;
A communication state monitoring step of monitoring communication state of the wireless communication control unit and generating communication state monitoring information;
Medical information acquisition step for acquiring medical information from the medical information management server;
A display step for displaying the medical information acquired in the medical information acquisition step on a display screen;
A terminal position determination step of determining whether or not the medical information management server is within a wireless communication area based on the communication state monitoring information;
An information concealment step for executing concealment processing of the medical information acquired from the medical information management server when it is determined that the terminal position determination unit is not within the wireless communication range;
A control method for a mobile terminal device, comprising: A wireless communication control unit that performs wireless communication with a medical information management server that manages medical information;
A communication state monitoring unit that monitors a communication state of the wireless communication control unit and generates communication state monitoring information;
A medical information communication unit for acquiring medical information from the medical information management server via the wireless communication control unit;
An information display control unit for displaying the medical information acquired by the medical information communication unit on a display screen;
A terminal position determination unit that determines whether the medical information management server is within a wireless communication area based on the communication state monitoring information;
An information concealment unit that executes concealment processing of the medical information acquired from the medical information management server when the terminal position determination unit determines that the terminal is not within the wireless communication range;
And a program for controlling the portable terminal device that causes the computer to function.

Images